| Message ID | 20260315230620.1594780-2-luca.boccassi@gmail.com |
|---|---|
| State | New |
| Headers | show
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7000:2755:b0:83c:d90d:321 with SMTP id j21csp2536718maq;
Sun, 15 Mar 2026 16:06:47 -0700 (PDT)
X-Forwarded-Encrypted: i=2;
AJvYcCUC0rsTh93rrt283pHK8dvxd3qTWctZ4SAU10Pv4Mh+n30R3V2/VWk/2sG34iaU/tXWpyuFg4DGZYs=@openvpn.net
X-Received: by 2002:a05:6820:217:b0:678:24c4:2ef4 with SMTP id
006d021491bc7-67bdaa50b6bmr7476728eaf.50.1773616007620;
Sun, 15 Mar 2026 16:06:47 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1773616007; cv=none;
d=google.com; s=arc-20240605;
b=hHCPM5Z75JNTs74nw6KVxBYNEJmWDaQsWq+R4YnI6O9r+mGLFlmI4FU2Vx8qG7Ffzv
QwCHFHBPtrwyT6Za1qkmx7YxL2hH1xjHM7bfHMLefcEiNlmzYtQ62j86GMVnDeHJ3+z1
LhIM3yFJAnfqTVncyEZ/jr6OJjgvnNI3HoJU8/qjnAwyDJ7KEY0bW09kDg+CsT4FeaaL
QsV9IKBGyBsrAPt8XO13w/NgN3326Kmiop1UQBtO+2t9nNzwtCo26FXOiQaXRLf0IDBZ
yrhdos6IqLgjGps+9oRYvR3DtlWF4rw3rDH/NhtdxPbxsi/xVLwqFNdOIot9gMRzONBM
qL9A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20240605;
h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help
:list-post:list-archive:list-unsubscribe:list-id:precedence:subject
:mime-version:references:in-reply-to:message-id:date:to:from
:dkim-signature:dkim-signature:dkim-signature:dkim-signature;
bh=XM92qzFANwfMcYKqaUJjK8Yhf3v48vAdUPsjy+MKGls=;
fh=FRWMOQmE4vArX8xPll5WCJJjcBedLRfud2/cHUpioeU=;
b=FlLBvNt67l6DFoTkA5TeviZrIJ38hOd2quGSzXRwlePIs0/NM+vAQRVJ18m5rLH6X3
tpHpLF5KJjCM25R6wMFAD4oMMIj3nC/20JzydNBzJG/stL6V3/1TbqBYG6fzKbqQQzNU
PhGewjhldnsuz3BpBT6rVZu/IeGIqN05KzrG8P7Qb+kvsTloyNdvxuQ4OpEK4y58uExx
jeQZi8UyMKS3Wi7zCiAUap3gKEsNarspfmlPxmHJ6Bht4eZJLZAxHFlvjSP2MZifWnDC
QpRTgzkYVyytK9fHbSHHKKfzJ3mHK/QgYD/Xuejf7k6AAi9pCzukDvEyYednkHQZoILY
xrcQ==;
dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@lists.sourceforge.net header.s=beta
header.b=HOa3wriU;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=JvJXz5ZX;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=OqENMBU4;
dkim=neutral (body hash did not verify) header.i=@gmail.com
header.s=20230601 header.b=S2TpsFEO;
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
dara=neutral header.i=@openvpn.net
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
by mx.google.com with ESMTPS id
006d021491bc7-67bdd612b7asi3973689eaf.86.2026.03.15.16.06.47
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Sun, 15 Mar 2026 16:06:47 -0700 (PDT)
Received-SPF: pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
dkim=pass header.i=@lists.sourceforge.net header.s=beta
header.b=HOa3wriU;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=JvJXz5ZX;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=OqENMBU4;
dkim=neutral (body hash did not verify) header.i=@gmail.com
header.s=20230601 header.b=S2TpsFEO;
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
dara=neutral header.i=@openvpn.net
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:Cc:
List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:
Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender:
Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender
:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
bh=XM92qzFANwfMcYKqaUJjK8Yhf3v48vAdUPsjy+MKGls=; b=HOa3wriUyVWIcce3kWqa8NxoT8
VsThtu9azd/+L2rYOnf36HCitGD0P1xB608OvzFyqQgksJpvF9vtrxiVs9AurDuRaUPAp2usOqWdO
wq4+Ezu8Gfelik9hlAZDu44Zzhxp179rQwfiYPmn8bFhk9Z9ItIxDzBPDCWsxl64co4c=;
Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com)
by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95)
(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
id 1w1uXj-0000Px-4D;
Sun, 15 Mar 2026 23:06:43 +0000
Received: from [172.30.29.66] (helo=mx.sourceforge.net)
by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
(envelope-from <luca.boccassi@gmail.com>) id 1w1uXe-0000Pq-9I
for openvpn-devel@lists.sourceforge.net;
Sun, 15 Mar 2026 23:06:38 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References:
In-Reply-To:Message-ID:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:
Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=znggBQvKt9TLYQqMPOm+ITTICpbLQIiOFj4TQ7DzGCM=; b=JvJXz5ZXlL7cl43HjyLkb9wVAJ
zhm7Khr8sdqmtk7hoCJru/vhdptMmX8m6eQQxxxZVZx39gZUHavsfSELvrdrxTYF4ur234yC8UjpC
4r5NNhFHxQnVXkk0TtwKVRXImh/pcyn7SCDrkrpC5+e3nxtUr9BzDYJqHfY8VOcQdWPE=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
;
h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:
Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive;
bh=znggBQvKt9TLYQqMPOm+ITTICpbLQIiOFj4TQ7DzGCM=; b=OqENMBU4xDcj9eO9GA7o4rxiF+
RVWqK7qxFP3I8t2xySmQ+FD1FCERM9u+/6LA0TbSHTsaXl9VPTQfuyv2gBYi+SrsazMqjupbcoZeS
QvH8HgOwQ1lWpD3YRrCGnYMR0ZKhIZ3aVpAEOwXrKDJ32Eo4A6RwXwxDfliRDCbygGC0=;
Received: from mail-wm1-f50.google.com ([209.85.128.50])
by sfi-mx-2.v28.lw.sourceforge.com with esmtps
(TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95)
id 1w1uXd-00033I-PC for openvpn-devel@lists.sourceforge.net;
Sun, 15 Mar 2026 23:06:38 +0000
Received: by mail-wm1-f50.google.com with SMTP id
5b1f17b1804b1-48535a0ef86so33071085e9.1
for <openvpn-devel@lists.sourceforge.net>;
Sun, 15 Mar 2026 16:06:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1773615986; x=1774220786;
darn=lists.sourceforge.net;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:cc:to:from:from:to:cc:subject:date
:message-id:reply-to;
bh=znggBQvKt9TLYQqMPOm+ITTICpbLQIiOFj4TQ7DzGCM=;
b=S2TpsFEObEQKxkUMPmABh0m6FqJtF0f+8muZonSY4nG+rajGzlY9R5llMkA4NcBolW
2o5EEGp1vLrpkRw5CYYwFXVGhXv838mzlU+t7B+gXcadx8enlxAK0QN2v11qgRdzC/ul
ZYh6Py81nHAia2W1B3+Rca1lCcm3bAIaLLGLlEsN+CJcVktK2z8VgJelp0Y5jejOMQJd
VkODGihgqfNkmtdkqmFQg2fCj58053PrLaYcWWMH7504lmR1YqUSNt9xzLL9+i8FXQM/
vIPMVtrTTC4t6EfqMNyujrwZZ8kNkuKfgC8vpX9rJHTRf6xRJuoApVxN3mBPjL36KxrR
AchQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20251104; t=1773615986; x=1774220786;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
:to:cc:subject:date:message-id:reply-to;
bh=znggBQvKt9TLYQqMPOm+ITTICpbLQIiOFj4TQ7DzGCM=;
b=Id3njg4JIpm9H//UjkRCy8r/PuX84GDLUQx7kbWDxVcqlYQ//SOWRcoRm9k2YYMxmk
Eq77GZ2tMqLC6plh6WfdGpolT3OIVRYpFV5fWdF9Iy9lBnUqB4ByjAwo7Ssc2INSxrrI
yNUUCbt2sHTkSs2h7H6l0wrTxQqqscmUvl/cWg0axgdM/DT1qLp7JtRgMR16WUAP/cDa
ZXbVBZoelMBOZi+Ogp6aMxRdL8p/ZN6cNSXCZ/53DX8C85PPZ+eefsqO+4Oi7w9eqRoN
wkoyv1bMVW4nRT6wnk9GCy8aswCRf3xvigyzRTG1Zb1n1rdb9xnKaYr8R0F6lpcOkqeU
/UDQ==
X-Gm-Message-State: AOJu0YzoupE1erUFtPHuonrP0GfBJufeQETdFbsdzJ+C249LsLuK1e+/
qKRwmnwFL5vTV0mMUl/4wk++v+1cKrp7Zz9Aw1NVcHNBp9icBMcI96VyJwtV1w==
X-Gm-Gg: ATEYQzx55Ppa5FC4QXmdU2TK3DfH+E+P0FGKWyGaVmLQiZ+sfv3jrGKH9XVSQ2uYdH5
0QvYCUGNcH2bjUmGbQskW8kfdOWgQl1WiLa5wjdXJd8bITc2h7gW9B7t71R8cqtZAotCijqohJn
PXIXyYV+JnACPLdPp7uG0Q8bgMDW3P+lxfNU6Q8TnINFa0c6NuLBas9l2IZXw2boeLQED4EFDz6
Bty+vd5MuJAeDNAp4eOPY39y/FK+o4F3nXbjGb3TOwDVvYHAFAHG1YlWMRlh91fZtp01+LTgPPE
aMggmRtRJZlaWalqwqpqIfrvFta897i7JGfEgfyCJK+35EdhF0cX7UknMcmWx0TnbsiMC6WJkM2
RVw4u8F+ffd7PrNmL5GXfAS0WlHpeLqjD9GQonPRUm8J1JGGAV7iEnzRG6jXnQMj4u7Z0jY8rpH
8y1xxSYZwb8ieX4Zn3cCYm78CQKUor
X-Received: by 2002:a05:600c:6304:b0:477:6d96:b3e5 with SMTP id
5b1f17b1804b1-485566d3008mr185996065e9.7.1773615985688;
Sun, 15 Mar 2026 16:06:25 -0700 (PDT)
Received: from localhost ([2a01:4b00:d036:ae00:21cd:def0:a01d:d2aa])
by smtp.gmail.com with UTF8SMTPSA id
5b1f17b1804b1-48569672c60sm56376175e9.0.2026.03.15.16.06.24
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Sun, 15 Mar 2026 16:06:25 -0700 (PDT)
From: luca.boccassi@gmail.com
To: openvpn-devel@lists.sourceforge.net
Date: Sun, 15 Mar 2026 23:05:29 +0000
Message-ID: <20260315230620.1594780-2-luca.boccassi@gmail.com>
X-Mailer: git-send-email 2.47.3
In-Reply-To: <20260315230620.1594780-1-luca.boccassi@gmail.com>
References: <20260315184337.1541272-1-luca.boccassi@gmail.com>
<20260315230620.1594780-1-luca.boccassi@gmail.com>
MIME-Version: 1.0
X-Spam-Score: -0.2 (/)
X-Spam-Report: Spam detection software,
running on the system "sfi-spamd-1.hosts.colo.sdot.me",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: From: Luca Boccassi When authenticating via a JWT token 2048
bytes are not enough, which breaks the auth process. In my local case the
token is ~2100 bytes. Bump the maximum harcoded size from 2k to 8k to leave
some head [...]
Content analysis details: (-0.2 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[luca.boccassi(at)gmail.com]
0.0 RCVD_IN_DNSWL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to DNSWL
was blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#DnsBlocklists-dnsbl-block
for more information. [209.85.128.50 listed in list.dnswl.org]
0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.128.50 listed in wl.mailspike.net]
X-Headers-End: 1w1uXd-00033I-PC
Subject: [Openvpn-devel] [PATCH v2 1/3] Increase TLS_CHANNEL_BUF_SIZE from
2048 to 8192
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive:
<http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Cc: Luca Boccassi <luca.boccassi@gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1859754648820128287?=
X-GMAIL-MSGID: =?utf-8?q?1859771178663666944?=
|
| Series |
Two small fixes for auth via tokens
|
expand
|
diff --git a/src/openvpn/common.h b/src/openvpn/common.h index aa7b7217..fbe6239a 100644 --- a/src/openvpn/common.h +++ b/src/openvpn/common.h @@ -67,7 +67,7 @@ typedef unsigned long ptr_type; * maximum size of a single TLS message (cleartext). * This parameter must be >= PUSH_BUNDLE_SIZE */ -#define TLS_CHANNEL_BUF_SIZE 2048 +#define TLS_CHANNEL_BUF_SIZE 8192 /* TLS control buffer minimum size *